Cloud Defense Strategies with Azure Sentinel : Hands-on Threat Hunting in Cloud Logs and Services
معرفی کتاب «Cloud Defense Strategies with Azure Sentinel : Hands-on Threat Hunting in Cloud Logs and Services» نوشتهٔ Manikandan Sambamurthy و Marshall Copeland، منتشرشده توسط نشر Apress : Imprint: Apress در سال 2021. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
Use various defense strategies with Azure Sentinel to enhance your cloud security. This book will help you get hands-on experience, including threat hunting inside Azure cloud logs and metrics from services such as Azure Platform, Azure Active Directory, Azure Monitor, Azure Security Center, and others such as Azure Defender's many security layers. This book is divided into three parts. Part I helps you gain a clear understanding of Azure Sentinel and its features along with Azure Security Services, including Azure Monitor, Azure Security Center, and Azure Defender. Part II covers integration with third-party security appliances and you learn configuration support, including AWS. You will go through multi-Azure Tenant deployment best practices and its challenges. In Part III you learn how to improve cyber security threat hunting skills while increasing your ability to defend against attacks, stop data loss, prevent business disruption, and expose hidden malware. You will get an overview of the MITRE Attack Matrix and its usage, followed by Azure Sentinel operations and how to continue Azure Sentinel skill improvement. After reading this book, you will be able to protect Azure resources from cyberattacks and support XDR (Extend, Detect, Respond), an industry threat strategy through Azure Sentinel. What You Will Learn Understand Azure Sentinel technical benefits and functionality Configure to support incident response Integrate with Azure Security standards Be aware of challenges and costs for the Azure log analytics workspace Who This Book Is For Security consultants, solution architects, cloud security architects, and IT security engineers Table of Contents About the Author About the Technical Reviewer Acknowledgments Introduction Part I Chapter 1: Azure Sentinel Overview Azure Sentinel Platform Benefits Azure Deployment Recommendations Global Design and Cost Preparation Azure Sentinel Enablement Azure Logs Azure Metrics Data Ingestion Summary Chapter 2: Other Azure Security Services Azure Log Analytics Azure Monitor Azure Security Center Enable Security Microsoft Defender for Endpoint Microsoft Defender for Identity Summary Chapter 3: Getting Started with Azure Sentinel and XDR Capabilities Security Operations Center with Azure Sentinel and XDR Azure Sentinel SIEM and Azure Security Azure Sentinel Prioritization Microsoft 365 Defender, XDR Security Road Map Summary Part II Chapter 4: Sentinel Data Connection Azure Control Plane and Data Plane Native Data Connectors Log Analytics Storage Options Industry Leaders’ Third-Party Data Kusto Query Language Threat Intelligence – TAXII Integration Summary Chapter 5: Threat Intelligence Threat Intelligence Communicating Using STIX and TAXII Options for Threat Intelligence Implementing Microsoft Threat Intelligence Other Considerations for Threat Intelligence Summary Chapter 6: Multi-tenant Architecture Azure Design: Single and Multi-tenant Single-Workspace Considerations Multi-workspace Considerations Azure Security Platform Summary Part III Chapter 7: Kusto Query Language and Threat Hunting Where Does Azure Data Reside Kusto Query Language Training Introduction to the Kusto Query Language Threat Hunting with Azure Sentinel Summary Chapter 8: Introduction to the MITRE Matrix MITRE ATT&CK CISO Summary Cybersecurity Threats Current Security Facts Microsoft Security Intelligence Report (SIR) 2021 Verizon Data Breach Investigations Report (DBIR) Update Ponemon Institute: IBM Sponsored Cisco Annual Cybersecurity Report FireEye M-Trends 2021 Annual Security Report Secure Cloud Steps Azure Cloud Networking, Encryption, and Data Storage Identity Multi-factor Authentication (MFA) Software Is a Key Vulnerability OWASP, Security Development Lifecycle (SDLC) Finding Cloud Blind Spots Improves Your Network Security Knowledge NVD Use with ITIL/Change Management Patching Security Responsibility Model Summary Chapter 9: Azure Sentinel Operations Modern Security Operations Center Structure Workbooks Playbooks Notebooks Log Management Summary Index "Use various defense strategies with Azure Sentinel to enhance your cloud security. This book will help you get hands-on experience, including threat hunting inside Azure cloud logs and metrics from services such as Azure Platform, Azure Active Directory, Azure Monitor, Azure Security Center, and others such as Azure Defender's many security layers. This book is divided into three parts. Part I helps you gain a clear understanding of Azure Sentinel and its features along with Azure Security Services, including Azure Monitor, Azure Security Center, and Azure Defender. Part II covers integration with third-party security appliances and you learn configuration support, including AWS. You will go through multi-Azure Tenant deployment best practices and its challenges. In Part III you learn how to improve cyber security threat hunting skills while increasing your ability to defend against attacks, stop data loss, prevent business disruption, and expose hidden malware. You will get an overview of the MITRE Attack Matrix and its usage, followed by Azure Sentinel operations and how to continue Azure Sentinel skill improvement. After reading this book, you will be able to protect Azure resources from cyberattacks and support XDR (Extend, Detect, Respond), an industry threat strategy through Azure Sentinel."--Amazon.ca
دانلود کتاب Cloud Defense Strategies with Azure Sentinel : Hands-on Threat Hunting in Cloud Logs and Services